yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4,192 Commits 3 Branches 0 Tags
04f5b08ba18c50a670cdab946b49f03dfc412d71
Commit Graph

4192 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jamie Slome
04f5b08ba1 Update SECURITY.md (#3711) 
* Update SECURITY.md

* Update SECURITY.md

Co-authored-by: Tom Moor <tom.moor@gmail.com>
 2022-07-17 07:29:10 -07:00
CuriousCorrelation
5924f4909f fix: Cursor disappearing behind emoji (#3786) 
* fix: Cursor disappearing behind emoji

* Move emoji node styles to `Styles.ts`

* fix: grammar

* fix: Pasting emoji adds a new line

* fix: DOM element type
 2022-07-17 06:49:39 -07:00
CuriousCorrelation
c00bad38e2 feat(editor): Ability to select line in codeblocks (#3798) 
* feat(editor): Ability to select line in codeblocks

* fix: Check to make sure sel is indeed in codeblock
 2022-07-17 06:49:30 -07:00
Tom Moor
11e1ef455f chore: Improve UUID vaildation – prevent nonsense reaching db queries 2022-07-17 14:49:04 +01:00
Tom Moor
4af69b2758 fix: Moving an image to empty space results in endless upload (#3799) 
* fix: Error dragging images below doc, types

* fix: Handle html/text content dropped into padding

* refactor, docs
 2022-07-17 03:31:55 -07:00
Tom Moor
dee87f15af fix: Members table does not correctly reset from filters 2022-07-16 18:47:36 +01:00
dependabot[bot]
67885e7339 chore(deps): bump react-dnd-html5-backend from 14.0.0 to 16.0.1 (#3769) 
Bumps [react-dnd-html5-backend](https://github.com/react-dnd/react-dnd) from 14.0.0 to 16.0.1.
- [Release notes](https://github.com/react-dnd/react-dnd/releases)
- [Changelog](https://github.com/react-dnd/react-dnd/blob/main/CHANGELOG.md)
- [Commits](https://github.com/react-dnd/react-dnd/commits)

---
updated-dependencies:
- dependency-name: react-dnd-html5-backend
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-16 10:15:11 -07:00
Tom Moor
0b0a1b0169 fix: Heading action depth conflict, closes #3558 2022-07-16 17:58:02 +01:00
Tom Moor
de18196fd8 chore: Upgrade socket.io (#3697) 
* Upgrade wip

* tsc

* tsc

* fix: Missing authenticated message
 2022-07-16 06:02:03 -07:00
dependabot[bot]
96d1c4997b chore(deps): bump yjs from 13.5.34 to 13.5.39 (#3770) 
Bumps [yjs](https://github.com/yjs/yjs) from 13.5.34 to 13.5.39.
- [Release notes](https://github.com/yjs/yjs/releases)
- [Commits](https://github.com/yjs/yjs/compare/v13.5.34...v13.5.39)

---
updated-dependencies:
- dependency-name: yjs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-16 02:40:34 -07:00
Tom Moor
95f4fb2424 chore: Remove deprecated socket.io-auth (#3780) 2022-07-16 02:27:09 -07:00
Tom Moor
1247bb411e Merge branch 'paullessing-issue-3655-allowed-domains-save-no-change' 2022-07-16 00:38:28 +01:00
Tom Moor
7ffb182034 Merge branch 'issue-3655-allowed-domains-save-no-change' of github.com:paullessing/outline into paullessing-issue-3655-allowed-domains-save-no-change 2022-07-16 00:37:49 +01:00
Translate-O-Tron
fc414e2dd4 New Crowdin updates (#3723) 2022-07-15 16:19:13 -07:00
Nan Yu
c3ec7b0877 Feat: clarify security language and hide default settings when invites are required (#3751) 
* clarify default role and allowed domains

* language tweaks

* Update app/scenes/Settings/Security.tsx

Co-authored-by: Tom Moor <tom.moor@gmail.com>

Co-authored-by: Tom Moor <tom.moor@gmail.com>
 2022-07-15 16:13:41 -07:00
Tom Moor
e509719c77 Add ability to quickly create test users in development (#3764) 2022-07-15 16:11:30 -07:00
Tom Moor
a16cf72b73 feat: Error state for paginated lists (#3766) 
* Add error state for failed list loading

* Move sidebar collections to PaginatedList for improved error handling, loading, retrying etc
 2022-07-15 16:11:04 -07:00
CuriousCorrelation
acabc00643 fix: ToolbarMenu popup on inline code selection (#3775) 
* fix: `ToolbarMenu` popup on inline code selection

* fix: Replace `isCode` checks with single `isInCode`

* feat: Only relevant options on `code_inline` selection

* Change special case with item visibility toggle

* fix: `formattingMenuItems` visibility in `code_inline`
 2022-07-15 16:10:47 -07:00
Tom Moor
e989999d6e fix: Upgrade prosemirror-view fixes duplicate lines, closes #3371 
Note: That this bump of prosemirror-view also includes typescript types for the first time ever, these conflict with the @types packages and cause the need for extensive changes throughout the codebase. To prevent this becoming a massive PR with days of testing these new types are being removed for now. In the future we will bump all of the pm dependencies and restore the package types here
 2022-07-15 10:34:03 +01:00
dependabot[bot]
c3e149eb86 chore(deps): bump @babel/core from 7.17.10 to 7.18.6 (#3771) 
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.17.10 to 7.18.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.18.6/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-13 12:48:57 -07:00
dependabot[bot]
4c05fe422c chore(deps): bump http-errors from 1.4.0 to 2.0.0 (#3772) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-13 00:59:56 -07:00
Tom Moor
47e73cee4e feat: Cleanup api keys and webhooks for suspended users (#3756) 2022-07-13 00:59:31 -07:00
CuriousCorrelation
d1b01d28e6 fix: svg+xml image type ext not assigned properly (#3774) 2022-07-13 00:59:17 -07:00
Tom Moor
973cfc3fa3 Do not show suspended users to non admins (#3776) 2022-07-13 00:59:06 -07:00
dependabot[bot]
dd6084d044 chore(deps-dev): bump @types/formidable from 2.0.0 to 2.0.5 (#3773) 
Bumps [@types/formidable](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/formidable) from 2.0.0 to 2.0.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/formidable)

---
updated-dependencies:
- dependency-name: "@types/formidable"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-12 11:07:17 -07:00
Tom Moor
206545f350 fix: Ensure signed attachment urls are always downloaded rather than loaded in browser 2022-07-12 17:14:22 +01:00
Tom Moor
e92d68a0a3 Create dependabot.yml 2022-07-12 09:40:44 +02:00
CuriousCorrelation
66dbcde29b feat: Redirect on unpublished share access (#3760) 
* feat(WIP): Redirect on unpublished shares

* feat[WIP]: add redirect with test notice

* Revert to `Login` display, no redirects
 2022-07-10 23:59:45 -07:00
Tom Moor
465a8bd505 fix: Version tag should open new tab, related type improvements 
closes #3737
 2022-07-10 11:22:45 +02:00
Tom Moor
aef62d1356 fix: Publish click from editing heading, closes #3759 2022-07-10 10:23:00 +02:00
Tom Moor
35e82beaf7 chore: Upgrade koa- dependencies (#3761) 2022-07-09 10:23:42 -07:00
Tom Moor
8bb88b8550 chore: Audit of all model column validations (#3757) 
* chore: Updating all model validations before the white-hatters get to it ;)

* test

* Remove isUrl validation, thinking about it need to account for minio and other weird urls here
 2022-07-09 08:04:40 -07:00
Tom Moor
da4a10e877 chore: Remove shares.info apiVersion 1 (#3758) 
* chore: Remove shares.info apiVersion 1

* fix: Sporadic test failure
 2022-07-09 04:28:56 -07:00
Tom Moor
caaf6dd76b fix: Enter at beginning of collapsed heading should create a new heading above (#3754) 2022-07-09 02:23:12 -07:00
Tom Moor
2893924e9a fix: Must check length before passing to timingSafeEqual 2022-07-09 11:19:40 +02:00
Tom Moor
32b7a7df00 fix: Handle sanitizeUrl can receive non-string value 
closes #3746
 2022-07-08 21:15:07 +02:00
Tom Moor
97f8c0813c fix: Use crypto.timingSafeEqual, closes #3740 2022-07-08 21:10:51 +02:00
CuriousCorrelation
746dc30aeb feat: Add pending migrations check during startup (#3744) 
* feat: Add pending migrations check during startup

* fix: migration pending log message

Co-authored-by: Tom Moor <tom.moor@gmail.com>

Co-authored-by: Tom Moor <tom.moor@gmail.com>
 2022-07-08 11:30:16 -07:00
Tom Moor
4a46d19846 fix: Improved model validation for Collection (#3749) 
* fix: Added improved model validation for Collection attributes

* sp

* fix: Enforce title length in UI
 2022-07-08 11:10:22 -07:00
Tom Moor
98106e7f6f Update 20220702132722-add-webhooks-deleted-at.js 2022-07-08 02:22:48 -07:00
Nan Yu
1e808fc52c Feat: add auth provider to users on sign in (#3739) 
* feat: merge a new authentication method onto existing user records when emails match

* adds test for invite acceptance and auth provider creation

* addresses comments
- test existing user and invites in different test cases
- update lastActiveAt syncronously when an invite is accepted

* sort arrays in test to prevent nondeterministic test behaivior when doing array compare
 2022-07-08 00:24:46 -07:00
Tom Moor
ec8c0645ba fix: Correct annotation order 🙈 2022-07-07 12:23:27 +02:00
Tom Moor
f90309e781 fix: Unneccessary restrictive avatarUrl length 2022-07-07 12:16:54 +02:00
Paul Lessing
d8f125f413 Fix: Move logic inline 2022-07-07 11:01:32 +01:00
Tom Moor
c36e7bfbb6 fix: Add 10 domain limit per team (#3733) 
* fix: Validate team domains are FQDN's
Add 10 domain limit per team
fix: Deletion of domains not happening within request lifecycle

* tests

* docs
 2022-07-05 12:27:02 -07:00
Tom Moor
831df67358 feat: Adds route-level role filtering. (#3734) 
* feat: Adds route-level role filtering. Another layer in the onion of security and performance

* fix: Regression in authentication middleware
 2022-07-05 12:26:49 -07:00
Tom Moor
c6fdffba77 chore: Internal request filtering 2022-07-05 11:06:47 +02:00
Tom Moor
4e189b8970 Improved sanitization of href's in editor 2022-07-05 10:14:16 +02:00
Tom Moor
2f3dcb2520 fix: Do not show 'Full width' toggle to viewers 
closes #3728
 2022-07-04 15:20:01 +02:00
Nan Yu
f36f5f13f4 Fix: clear localstore after logout (#3731) 
* fix: remove user, team, and policies from auth store and localstorage on logout

* true up the reset everywhere
 2022-07-04 01:47:44 -07:00